Extending Security Interceptors

[rcohen16 <rc...@antennasoftware.com>]

I'm implementing a simple web service using Apache CXF where I have to
authenticate a user based on username and password. This is straightforward
and I have the service working using the WSS4F Interceptors. 

The next phase of the project is making the service able to choose from a
list of auth dbs where it will get the encrypted password that WSS4J will
then use to compare against the password sent in the SOAP header. In order
to determine which DB to pull the auth data from, I'd like to add a new
header to the SOAP message. The Interceptor/Callbackhandler should have
access to this header and then use it to figure out which DB to connect to. 

If anyone has any tips on how to approach this using the CXF API, please let
me know! Thanks!


-- 
View this message in context: http://www.nabble.com/Extending-Security-Interceptors-tf4778795.html#a13670686
Sent from the cxf-user mailing list archive at Nabble.com.